117 matches found
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update (Important) (RHSA-2023:5810)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5810 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...
RHEL 8 : Red Hat OpenShift Pipelines Client tkn for 1.12.1 (RHSA-2023:6059)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6059 advisory. Red Hat OpenShift Pipelines Client, tkn for the 1.12.1 release, provides a CLI tool to interact with the Pipelines and Triggers components...
RHEL 8 / 9 : OpenShift Container Platform 4.12.39 (RHSA-2023:5679)
The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5679 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
RHEL 7 / 8 / 9 : OpenShift Virtualization 4.13.6 RPMs (RHSA-2023:7521)
The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7521 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory...
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.2.2 Product Security and Bug Fix Update (Important) (RHSA-2023:5809)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5809 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...
RHEL 7 / 8 : Satellite 6.11.5.6 async (RHSA-2023:5980)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5980 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessit...
RHEL 8 : openshift-gitops-kam (RHSA-2023:6782)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6782 advisory. OpenShift GitOps KAM OpenShift GitOps Kubernetes Application Manager CLI tool Security Fixes: golang: net/http, x/net/http2: rapid stream...
Important: Red Hat Security Advisory: Service Telemetry Framework 1.5.4 security update
An update is now available for Service Telemetry Framework 1.5.4 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: go-toolset:rhel8 security update
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: golang security update
An update for golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2024:1963 Important: golang security update
The golang packages provide the Go programming language compiler. Security Fixes: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288...
Important: golang security update
The golang packages provide the Go programming language compiler. Security Fixes: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288...
ROS-20240422-05
The golang package vulnerability is related to errors returned from MarshalJSON methods containing data, controlled by the user. Exploitation of the vulnerability could allow an attacker acting remotely, exploit these errors to disrupt the contextual behavior of the automatic output of the packag...
Fedora 39 : golang-github-tdewolff-argp / golang-github-tdewolff-minify / etc (2024-c3e32c5635)
The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-c3e32c5635 advisory. Update to latest version Security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
BIT-GOLANG-2023-39325 HTTP/2 rapid reset can cause excessive work in net/http
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
PT-2024-2621
Name of the Vulnerable Software and Affected Versions net/http and net/http2 in Go affected versions not specified Description An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.0 packages and security update
Red Hat OpenShift Container Platform release 4.15.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...
RHEL 8 / 9 : OpenShift Container Platform 4.15.0 (RHSA-2023:7201)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7201 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.11.58 bug fix and security update
Red Hat OpenShift Container Platform release 4.11.58 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...
Oracle Linux 8 : conmon (ELSA-2023-13054)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13054 advisory. - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 - Resolve CVE-2023-44487 and CVE-2023-39325 - address CVE-2023-44487 and...